As a new season of Fortnite is upon us, so are the scams. Computer Security firm Malwarebytes has uncovered malicious code present in Fortnite downloads.
According to Malwarebytes, “Among all the gluttony of scams there hid a malicious file ready to steal data and enumerate Bitcoin wallets, for starters.”
“The found the codes in free Android versions of Fortnite which were leaked out from under the developer’s noses that claims to caontain “aimbot – a bot that automaically aims at opponents” and “wallhacks – cheat that allows players to see through walls
The malware was advertised through some videos on Youtube with links in the description that takes unsuspecting victimes to the page where they go through some stress to get the malware oackaged as a gift.
“Malwarebytes detects this file as Trojan.Malpack, a generic detection given to files packed suspiciously. The actual payload could be anything at all, but it will invariably be up to no good. In this case, a little digging showed us the payload is a data stealer.
“Once the initial .EXE (which weighs in at just 168KB) runs on the target system, it performs some basic enumeration on details specific to the infected computer. It then attempts to send data via a POST command to an /index.php file in the Russian Federation, courtesy of the IP address 5(dot)101(dot)78(dot)169.
“Some of the most notable things it takes an interest in are browser session information, cookies, Bitcoin wallets, and also Steam sessions.
Since Fortnite’s users are generally young, one can’t help but pity those of them who have fallen for this scam.